<?php
	require_once('../includes/config.php');
	require_once('../includes/functions.php');
	
	// Retrieve base HTML
	$pageStr = buildStandardPage('Transfer','Transaction');
	
	$content = '';
	
	if(isMobile()){
		$content .= 'Detected Mobile!';
	}
	else{	
		if(false == isset($_POST['submit'])){
			if(true == isLoggedIn()) {
				if (true == isBankManager() || true == isCustomer()){
					if(true == isActive()){
						
						$id = getID();
						
						$content .= makeAccountNavBar($id);
						
						// Build the HTML form that will allow the user to select accounts to transfer money between
						$content .= '<form name=transferForm method=post action='. $_SERVER['PHP_SELF'] 
						. ' onSubmit="return validateTransferForm(transferForm)" >'
						.'<table border=1 cellpadding=2 width=650>';
						
						$content .= populateAccountsForTable($id, array('Transfer From'=>'aidFrom', 
																		'Transfer To'=>'aidTo'));
						
						$content .= '<tr><td>Amount $:</td><td><input type=text name=amount></td></tr>';
						$content .= '</table><input type=submit name=submit value=Submit>'
						.'<input type=button name=cancel value=Cancel onclick="window.location=\''. $ACCOUNTS_URL . '\'" >'
						.'<input type=reset value=Reset></form>';
					}
					else{
						$content .= $NOT_ACTIVE_MESSAGE;
					}		
				}
				else{ // It's a system admin
					$content .= $MUST_BE_BANK_MNGR;
				}
			}
			// The user is not logged in.
			else{
			  $content .= $MUST_BE_LOGGED_IN;
			}
		}
		else{
			$tempArray = cleanPost($_POST);
			
			// retrieve original balance FROM
			$aidFrom = explode("-", $tempArray['aidFrom']);
			
			$fromBalance = $aidFrom[1] - $tempArray['amount'];

			$updateBalanceQuery = buildUpdateStatement('account', array('balance'=> $fromBalance), $aidFrom[0]);
			$result = executeSQL($updateBalanceQuery, 'Failed to insert into the database.');			
			
			// retrieve original balance TO
			$aidTo = explode("-", $tempArray['aidTo']);
			
			$toBalance = $aidTo[1] + $tempArray['amount'];
			
			$updateBalanceQuery = buildUpdateStatement('account', array('balance'=> $toBalance), $aidTo[0]);
			$result = executeSQL($updateBalanceQuery, 'Failed to insert into the database.');
			
			date_default_timezone_set('America/Chicago');
			
			// create transaction			
			$insertTransactionQuery = buildInsertStatement('transaction', array('accountid' => $aidTo[0],
																				'type' => 'Deposit',
																				'amount'=> $tempArray['amount'],
																				'balance'=> $toBalance,
																				'date'=> date("Y-m-d")));
			//echo $insertTransactionQuery;
			$result = executeSQL($insertTransactionQuery, 'Failed to insert into the database.');
			
			// create transaction			
			$insertTransactionQuery = buildInsertStatement('transaction', array('accountid' => $aidFrom[0],
																				'type' => 'Withdrawal',
																				'amount'=> $tempArray['amount'],
																				'balance'=> $fromBalance,
																				'date'=> date("Y-m-d")));
			//echo $insertTransactionQuery;
			$result = executeSQL($insertTransactionQuery, 'Failed to insert into the database.');
			
			header('Location: ' . $ACCOUNTS_URL);
		}
	}

	$pageStr = str_Replace('<!--content-->', $content, $pageStr);

	/**
	 * Send the generated HTML to the client's browser
	 */
	echo $pageStr;
?>